Network techs: Hackers are getting smarter

Published: Sunday, June 8, 2014 at 04:39 PM.

PANAMA CITY — The hacker that destroys an individual’s computer or breaches a company’s network security could be halfway around the world or sitting at the coffee shop next door.

As online adversaries become smarter and more plentiful, network technicians are advising businesses and individuals to adopt good “cyber hygiene” practices now more than ever.

“People are really on their own,” said Kevin Winter, chief information officer with government contract company Booz Allen Hamilton. “Organizations and companies are on their own to protect themselves and keep their property and privacy intact.”

With locations across the country, including an office in Panama City Beach, Winter said the largest security threat Booz Allen faces comes from “spearphishing,” or a targeted attack from an adversary.

Because spearphishing attacks often come in the form of an email from a familiar contact, a company’s employees can become the problem if they aren’t properly educated about the risks.

To combat spearphishers, Booz Allen launched “Star Phish,” a hands-on training program that teaches employees to look for things that are out of the ordinary. If an employee clicks on links planted to impersonate a spearphising attack, Star Phish redirects to view a video that explains the suspicious element in the email.

“It’s teaching them how to look for things and it explains what was not legitimate in the email,” Winter said. “They have a choice. That mainline defense is actually the employee’s action.”

PANAMA CITY — The hacker that destroys an individual’s computer or breaches a company’s network security could be halfway around the world or sitting at the coffee shop next door.

As online adversaries become smarter and more plentiful, network technicians are advising businesses and individuals to adopt good “cyber hygiene” practices now more than ever.

“People are really on their own,” said Kevin Winter, chief information officer with government contract company Booz Allen Hamilton. “Organizations and companies are on their own to protect themselves and keep their property and privacy intact.”

With locations across the country, including an office in Panama City Beach, Winter said the largest security threat Booz Allen faces comes from “spearphishing,” or a targeted attack from an adversary.

Because spearphishing attacks often come in the form of an email from a familiar contact, a company’s employees can become the problem if they aren’t properly educated about the risks.

To combat spearphishers, Booz Allen launched “Star Phish,” a hands-on training program that teaches employees to look for things that are out of the ordinary. If an employee clicks on links planted to impersonate a spearphising attack, Star Phish redirects to view a video that explains the suspicious element in the email.

“It’s teaching them how to look for things and it explains what was not legitimate in the email,” Winter said. “They have a choice. That mainline defense is actually the employee’s action.”

Booz Allen Executive Vice President Joe Mahaffee said virus threats have become increasingly harder to detect over the years.

“I think a lot of the threats, some of the adversaries out there, have become a lot more sophisticated,” Mahaffee said. “Some of their techniques have become more lethal and more devastating, and on top of that, there are a lot of times where you don’t even know you’ve been had.”

However, Mahaffee said 98 percent of problems can be avoided by keeping security suites up to date, utilizing complex passwords and changing them often, and making sure software is up-to-date.

“In many cases, you just need to make yourself a harder target so the adversaries go somewhere else,” he said. “Most of the attacks you hear about are pretty rudimentary in nature. They’re just preying on weak practices.”

Cody Watford, a technician with NetTech in Panama City, said viruses remain the most common issue the company deals with.

One of the worst, he said, is the CryptoLocker virus, which silently downloads onto a computer, encrypts the user’s files and locks the system. The virus then puts up a ransom to unlock the computer, demanding the user wire money to an account.

Watford’s best advice to avoid viruses like CryptoLocker is to practice safe and smart browsing.